Secrets Tab

Allows importing, generating, keeping, modifying, and exporting secrets in CORE.

By default, the maximum plain-text size of a secret is 4000 bytes. To change this limit, refer to the static system setting in System Static Properties.

Partition SO (Security officer - UKC partition administrator role) ˃ Secrets

→ presents the following:

Table of Secrets

Each row in the table presents the following attributes:

New Secret

  • Partition SO ˃ Secrets ˃ Create
    → The New Secret dialog appears.
    • Name - mandatory. See Name and Description.
    • Warning
      The system allows reusing the same secret name in a partition unless the Enforce-unique setting makes name uniqueness mandatory. If you reuse a name, accessing the secret by its name may produce ambiguous results.

    • Description - optional.
    • Note
      The absence of the description does not violate the Enforce-unique requirement.

    • Groups - As needed, specify membership in the key groups. See Membership in Key-Groups. You can select the group name from the drop-down list or create it on the spot by typing a new name. In such a case, the new key group name shall be added to the list of the available key groups.
    • Note
      Every secret is a permanent member of the default key group. This membership can't be revoked.

    • Secret generation method ▼
    • A secret can be:

      • Entered manually.
      • Generated by the system.

        To generate a secret that complies with NIST.SP.800-63b password randomness and complexity requirements:

        1. Select Generate random secret - to assure the randomness of characters.
        2. Specify the minimum length - to comply with the minimum password length requirements.
        3. Check the Must include box - to ensure the presence of one or more special characters in the random mix of upper- and lower-case letters and digits.
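
The three generation options above, together with the default 4000-byte limit and the UTF-8 condition for Edit as text, can be modeled as follows. This is an added illustration, not UKC code or its actual generator; the special-character set, the function names, and the choice to emit exactly the minimum length are assumptions.

```python
import secrets
import string

MAX_PLAINTEXT_BYTES = 4000           # default limit stated on this page
SPECIALS = "!@#$%^&*()-_=+[]{}"      # assumed set; the product's own set is not documented here
ALPHANUM = string.ascii_letters + string.digits


def generate_secret(min_length, must_include_special=True, specials=SPECIALS):
    """Return a random secret of min_length characters drawn from the OS CSPRNG."""
    if min_length < 1:
        raise ValueError("min_length must be positive")
    if min_length > MAX_PLAINTEXT_BYTES:  # ASCII alphabet: one character is one byte
        raise ValueError("secret would exceed the plain-text size limit")
    if must_include_special and not specials:
        raise ValueError("no special characters to choose from")
    alphabet = ALPHANUM + (specials if must_include_special else "")
    while True:
        # Draw every position uniformly, then reject candidates that lack a
        # special character. Forcing one into a fixed slot would bias the output.
        candidate = "".join(secrets.choice(alphabet) for _ in range(min_length))
        if not must_include_special or any(c in specials for c in candidate):
            return candidate


def check_before_import(data: bytes):
    """Return (fits_limit, is_utf8) for content about to be stored as a secret.

    UTF-8 content can later be changed with 'Edit as text'; anything else
    needs the Export / edit / Replace the content with the file sequence.
    """
    fits = len(data) <= MAX_PLAINTEXT_BYTES
    try:
        data.decode("utf-8")
        is_utf8 = True
    except UnicodeDecodeError:
        is_utf8 = False
    return fits, is_utf8


if __name__ == "__main__":
    secret = generate_secret(16)
    print(len(secret), check_before_import(secret.encode("utf-8")))
```
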

    Import Secret File

    Partition SO ˃ Secrets ˃ Import
    → The Import Secret File dialog appears:

    • The Browse button prompts you to select the file whose content shall be stored as the secret material.
    • For the Name, Description, and Groups, see the New Secret dialog.

    Commands

    Partition SO ˃ Secrets ˃ select Secret ˃ []

    → The list of commands appears.

    • Edit - Allows changing the secret's metadata: name, description, and group-tag assignment.
    • Edit as text - Allows inspecting and modifying the secret if it is UTF-8 encoded (UTF-8 is a character encoding scheme that includes and is backwards compatible with ASCII). Otherwise, use the following steps:
      1. Export the secret to a file. This function exports a secret to the <secret-name>.secret file in the browser's default folder.
      2. Use an appropriate editor to modify the file's content.
      3. Save it in the CORE by using the Replace the content with the file command.
    • Replace the content with the file - Use this function to replace the secret's content with the content of the specified file.
    • Export - This function exports a secret to the <secret-name>.secret file in the browser's default folder.
    • Delete - Deletes the secret after the intention is confirmed.
    • Note
      Following the deletion, the page is refreshed. The time it takes to refresh the presented page depends on the number of keys in the partition.